Facebook Suspends 200 Apps for Data Privacy Concerns — What Does This Really Mean?

Facebook suspended 200 apps due to data privacy concerns, which it revealed earlier this week. Shawn Tuma explains some of the key points about this in the following television and radio interviews: CW33 Morning Dose talks to cybersecurity lawyer, Shawn Tuma, about Facebook suspending 200 apps https://youtu.be/KW9iMg7EcOs Facebook suspends 200 apps following Cambridge Analytica revelations, what … Continue reading Facebook Suspends 200 Apps for Data Privacy Concerns — What Does This Really Mean?

Regulator says May 25 is not doomsday #GDPR

The approach to data protection, and the enforcement of it, should and will be the same 36 days from now as it ever was: Following the rules is the way to go. But if you fail there, yeah, there are going to be some problems. "The aim of our office is to prevent harm, and … Continue reading Regulator says May 25 is not doomsday #GDPR

Marine corp data breach lesson: human error is often the cause and is preventable

There has been a data breach emanating from the U.S. Marine Corps Forces Reserve that impacted 21,426 individuals. The breach exposed their sensitive personal information such as truncated social security numbers, bank electronic funds transfer and bank routing numbers, truncated credit card information, mailing address, residential address and emergency contact information. Calm down and press the … Continue reading Marine corp data breach lesson: human error is often the cause and is preventable

FMCNA to Pay $3.5 Million for Non-Compliance with HIPAA’s Risk Analysis and Risk Management Rules

Fresenius Medical Care North America (FMCNA) has agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and to adopt a comprehensive corrective action plan, in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. FMCNA … Continue reading FMCNA to Pay $3.5 Million for Non-Compliance with HIPAA’s Risk Analysis and Risk Management Rules

State data breach notification law mishmash would get worse with proposed NC and SD legislation — is instant notification by clairvoyant next?

The push for a single uniform national data breach notification law gained strength in the wake of the Equifax breach. Now proposed legislation in North Carolina would amend its law in a way that would add momentum to this push. And, now South Dakota is tired of being one of only two states without a … Continue reading State data breach notification law mishmash would get worse with proposed NC and SD legislation — is instant notification by clairvoyant next?

Happy Data Privacy Day!

WHAT ARE YOU DOING TO OBSERVE IT? Today is Data Privacy Day! If you have been wondering “what is Data Privacy Day?” then this is your lucky day because not only is today Data Privacy Day, but here is the answer and an explanation for why it really matters to you and your company’s future … Continue reading Happy Data Privacy Day!

Allscripts EHR Ransomware Attack is Huge–How Will it Impact Healthcare Practices?

See recommendations below On January 19, 2018, cybercriminals were successful in a ransomware attack on Allscripts, an electronic healthcare record (EHR) provider for healthcare providers across the United States. The attack encrypted some of Allscripts systems and prevented those healthcare providers who use those systems for their EHRs from being able to access their patient records. Not … Continue reading Allscripts EHR Ransomware Attack is Huge–How Will it Impact Healthcare Practices?

The Most Positive Cybersecurity Trend I Have Seen in Nearly 20 Years!

In the last quarter of 2017, I have observed a cybersecurity trend that has given me more hope than any that I have seen previously. Let me explain. As an attorney, I have been practicing what can generally be described as cyber law or cybersecurity law since 1999, which means that my practice has evolved a lot … Continue reading The Most Positive Cybersecurity Trend I Have Seen in Nearly 20 Years!

Complimentary Webinar: Countdown to #GDPR – Compliance for Non-EU Companies

Countdown to GDPR Compliance is a complimentary webinar that I will be moderating on Thursday, December 7, 2017, at 12:00 PM Central.  This is the second webinar in a three-part series sponsored by Mackrell International and will focus on Compliance for Non-EU Companies. You don't want to miss it! Moderator: Shawn Tuma Presenter: Marta Stephanian, … Continue reading Complimentary Webinar: Countdown to #GDPR – Compliance for Non-EU Companies

Incident Response – 3 Takeaways from the Equifax Breach

The SecureWorld News Team talked with Shawn Tuma about many of the lessons that can be learned from the Equifax data breach and winnowed it down to the following 3 takeaways that are discussed more thoroughly in the article: We need a uniform national breach notification law in the United States. When it comes to … Continue reading Incident Response – 3 Takeaways from the Equifax Breach